Requirement:
Create three EC2 instances (Machine A, Machine B and Machine C) in three different VPCs (VPC A, VPC B, VPC C). SSH must work from Machine A to Machine B and from Machine B to Machine C. However, SSH must NOT be allowed from Machine B to Machine A, nor from Machine C to Machine B.
Solution:
1. Create three VPCs with the CIDR ranges 10.0.1.0/24, 10.0.2.0/24 and 10.0.3.0/24.
2. Create one subnet in each VPC with the same range as the VPC CIDR.
3. Create three Internet Gateways and attach one to each VPC.
4. In each VPC's default route table add the default route (0.0.0.0/0) with the Internet Gateway as target.
5. Create the peering connections (VPC Peering):
a. Select VPC A as the requester (source) and VPC B as the accepter (destination).
b. Accept the peering request.
c. Select VPC B as the requester (source) and VPC C as the accepter (destination).
d. Accept the peering request.
6. Edit route table A and add a route to the VPC B CIDR range with the VPC peering connection as target.
7. Edit route table B and add a route to the VPC A CIDR range with the VPC peering connection as target.
8. Edit route table B and add a route to the VPC C CIDR range with the VPC peering connection as target.
9. Edit route table C and add a route to the VPC B CIDR range with the VPC peering connection as target.
10. Create the three EC2 instances (VMs), one in each VPC.
11. Edit the default NACL of VPC A: add an inbound rule that denies SSH (TCP port 22) from the VPC B CIDR range.
12. Edit the default NACL of VPC B: add an inbound rule that denies SSH (TCP port 22) from the VPC C CIDR range.
Note that NACLs are stateless and rules are evaluated in ascending rule-number order, so the deny rule must be numbered below the default allow rule (100) and must cover only destination port 22: a rule denying all traffic from the peer CIDR would also drop the reply packets of the SSH session that is supposed to succeed in the other direction.
13. Log in to Machine A and check that SSH to Machine B works, then check SSH from Machine B to Machine C:
a. Machine A to Machine B (successful SSH)
b. Machine B to Machine C (successful SSH)
14. Check that SSH is not possible from Machine B to Machine A, nor from Machine C to Machine B:
a. Machine B to Machine A (unsuccessful SSH)
b. Machine C to Machine B (unsuccessful SSH)
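As an added example (not part of the original post and not AWS code), the script below models the stateless inbound NACL evaluation for the three VPCs, using the lab's CIDRs and assuming outbound NACLs are left at allow-all and an arbitrary ephemeral client port. It shows that a port-22-only deny yields exactly the required SSH matrix, while a blanket deny of the peer CIDR also breaks the session that should succeed.

```python
"""Stateless NACL model for the three-VPC SSH lab (constructed example)."""
import ipaddress

VPC = {"A": "10.0.1.0/24", "B": "10.0.2.0/24", "C": "10.0.3.0/24"}

# Inbound NACL entries: (rule_no, action, source_cidr, proto, port_from, port_to).
# Rule 100 is the default allow-all; lower rule numbers are evaluated first.
DEFAULT = (100, "allow", "0.0.0.0/0", "all", 0, 65535)
INBOUND = {  # the intended configuration: deny only destination port 22
    "A": [(50, "deny", VPC["B"], "tcp", 22, 22), DEFAULT],
    "B": [(50, "deny", VPC["C"], "tcp", 22, 22), DEFAULT],
    "C": [DEFAULT],
}
INBOUND_BLANKET = {  # mistaken variant: deny all traffic from the peer CIDR
    "A": [(50, "deny", VPC["B"], "all", 0, 65535), DEFAULT],
    "B": [(50, "deny", VPC["C"], "all", 0, 65535), DEFAULT],
    "C": [DEFAULT],
}

def evaluate(rules, src_ip, proto, dst_port):
    """Apply rules in ascending rule-number order; the first match decides."""
    for _, action, cidr, r_proto, lo, hi in sorted(rules):
        if ipaddress.ip_address(src_ip) not in ipaddress.ip_network(cidr):
            continue
        if r_proto != "all" and r_proto != proto:
            continue
        if not lo <= dst_port <= hi:
            continue
        return action == "allow"
    return False  # implicit deny (the trailing '*' rule)

def ssh_session_works(tables, client, server):
    """An SSH session needs the SYN to reach the server on port 22 AND the
    reply to re-enter the client's VPC on the client's ephemeral port. Because
    the NACL is stateless, both directions are checked independently."""
    client_ip = str(ipaddress.ip_network(VPC[client])[10])  # assumed host .10
    server_ip = str(ipaddress.ip_network(VPC[server])[10])
    syn_ok = evaluate(tables[server], client_ip, "tcp", 22)
    reply_ok = evaluate(tables[client], server_ip, "tcp", 49152)  # ephemeral
    return syn_ok and reply_ok

if __name__ == "__main__":
    for tables, name in ((INBOUND, "port-22 deny"), (INBOUND_BLANKET, "blanket deny")):
        for c, s in (("A", "B"), ("B", "C"), ("B", "A"), ("C", "B")):
            print(f"{name}: {c}->{s} ssh {'ok' if ssh_session_works(tables, c, s) else 'blocked'}")
```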